Linux: Linux Security and Administration
Did you wonder what the Linux operating system is and how you can install it on your system? Do you want to learn how to
306 63 594KB
English Pages [109] Year 2021
Table of contents :
Introduction
Chapter One: Using Linux on Virtual Machines
Installing a Workstation Player
Choose the Correct Distro
Linux Distros
Setting Up the Virtual Machine
Customizing Virtual Hardware
Download and Install Tools
Installing Linux on VMware
Running Linux on a Virtual Machine
Installing a Linux Distro on a Windows Virtual Machine
Chapter Two: Securing User Accounts on Linux
Don’t Login Using a Root Account
Using Sudo Accounts
Reducing the Damage
Fine-Grained Permissions
Managing User Account Security
Adding New Users
Disable Root Login
Password Policies in Linux
Restrict SSH Access
Understanding Account Privileges
Manage Linux User Accounts
Reducing Privileges
Managing Passwords
Reduce the Use of Shared Accounts
Control Access to Accounts
Maintain Logs
Record and Manage Privileged Activity
Notify or Alert in Case of Suspicious Activity
Unify and Centralize
Chapter Three: Securing Servers Using Firewalls
Ports
Using the Firewall-cmd Interface
Bock Everything
Creating a Zone
Removing or Adding Services
Unblocking a Service
Removing and Adding Ports
Walls of Fire
Chapter Four: Securing Your Server
Updating Servers Regularly
Creating a Secondary User Account
Setting up SSH Keys
Checking and Configuring the Firewall
Limiting the Use of Open Ports
Setting Up Live Kernel Patches
Hardening the Kernel
Hardening User Space
Using Secure Boot
Setting Up Two-Factor Authentication
Step One
Step Two
Step Three
Step Four
Step Five
Turning Off Internet Protocols
Understanding the Applications/Tools before Installation
Removing Unnecessary Startup Processes
Reviewing Activities Regularly
Start Backing Up
Only Install the Things You Need
Use SELinux
Securing the Console Access
Restricting the Use of Old Passwords
Checking Listening Ports
Disabling Login through the Root
Change Ports
Disabling Shortcuts
Logging In Without Passwords
Use fail2ban
Creating a New Privileged Account
Uploading the SSH Key
Securing SSH
Creating a Firewall
Removing Unused Network Services
Chapter Five: Password Encryption Methods in Linux
Pretty Good Privacy (PGP) and Public-Key Cryptography
S/MIME, SSL and S-HTTP
S/MIME
SSL
S-HTTP
Linux IPSEC Implementation
Secure Telnet (stelnet) and Secure Shell (ssh)
Pluggable Authentication Modules or PAM
CIPE or Cryptographic IP Encapsulation
Using Shadow Passwords
John the Ripper and Crack
Chapter Six: Tools to Encrypt and Decrypt Password Protected Files
GNU Privacy Guard or GnuPG
Bcrypt
Ccrypt
4-Zip
Openssl
7-Zip
Nautilus Encryption Utility
Encryption
Decryption
Chapter Seven: Using Tools to Encrypt Files on Linux
Tomb
Cryptmount
CryFS
GnuPG
VeraCrypt
EncFS
7-zip
Dm-crypt
eCryptfs
Cryptsetup
Chapter Eight: Using Cryptsetup to Setup Encrypted Filesystems and Swap Space
Using a Drive, Loop Device, or Partition for Encryption
Testing the Encryption
Installing cryptsetup
Setting the Encrypted Partition
Testing Encryption
Adding Additional Layers of Security
Chapter Nine: Using Access Control Lists in Linux
Introduction to Access Control Lists (ACL)
Uses of ACL
List of Commands to Set Up ACLs
Adding Permissions to Users
Adding Permissions to Groups
Allowing Files and Directories to Inherit ACL Entries
Removing a Specific Entry in the ACL
Removing Entries in ACL
Modifying the ACL
Adding Permissions for Users
Adding Permissions to Groups
Allow Files or Directories to Inherit the ACL Entries
Viewing ACL
Removing ACL
Using Default ACLs
Chapter Ten: Downloading and Installing Kali Linux
Downloading Kali Linux
Hard Disk Installation
Booting Kali Linux for the First Time
Setting the Defaults
Initial Network Setup
Password
System Clock
Disk Partitioning
Configuring the Packet Manager
Installing the GRUB Loader
Completing the Installation
USB Drive Installation
Windows Non-Persistent Installation
Linux Persistent Installation
Chapter Eleven: The Penetration Testing Life Cycle
The Five Stages of the Penetration Testing Life Cycle
Stage 1: Reconnaissance
Stage 2: Scanning
Stage 3: Exploitation
Stage 4: Maintaining Access
Stage 5: Reporting
Chapter Twelve: Scanning
Network Traffic
Firewalls and Ports
PING
Traceroute
Nmap: The King of Scanners
Conclusion
References
Introduction
Chapter One: Using Linux on Virtual Machines
Installing a Workstation Player
Choose the Correct Distro
Linux Distros
Setting Up the Virtual Machine
Customizing Virtual Hardware
Download and Install Tools
Installing Linux on VMware
Running Linux on a Virtual Machine
Installing a Linux Distro on a Windows Virtual Machine
Chapter Two: Securing User Accounts on Linux
Don’t Login Using a Root Account
Using Sudo Accounts
Reducing the Damage
Fine-Grained Permissions
Managing User Account Security
Adding New Users
Disable Root Login
Password Policies in Linux
Restrict SSH Access
Understanding Account Privileges
Manage Linux User Accounts
Reducing Privileges
Managing Passwords
Reduce the Use of Shared Accounts
Control Access to Accounts
Maintain Logs
Record and Manage Privileged Activity
Notify or Alert in Case of Suspicious Activity
Unify and Centralize
Chapter Three: Securing Servers Using Firewalls
Ports
Using the Firewall-cmd Interface
Bock Everything
Creating a Zone
Removing or Adding Services
Unblocking a Service
Removing and Adding Ports
Walls of Fire
Chapter Four: Securing Your Server
Updating Servers Regularly
Creating a Secondary User Account
Setting up SSH Keys
Checking and Configuring the Firewall
Limiting the Use of Open Ports
Setting Up Live Kernel Patches
Hardening the Kernel
Hardening User Space
Using Secure Boot
Setting Up Two-Factor Authentication
Step One
Step Two
Step Three
Step Four
Step Five
Turning Off Internet Protocols
Understanding the Applications/Tools before Installation
Removing Unnecessary Startup Processes
Reviewing Activities Regularly
Start Backing Up
Only Install the Things You Need
Use SELinux
Securing the Console Access
Restricting the Use of Old Passwords
Checking Listening Ports
Disabling Login through the Root
Change Ports
Disabling Shortcuts
Logging In Without Passwords
Use fail2ban
Creating a New Privileged Account
Uploading the SSH Key
Securing SSH
Creating a Firewall
Removing Unused Network Services
Chapter Five: Password Encryption Methods in Linux
Pretty Good Privacy (PGP) and Public-Key Cryptography
S/MIME, SSL and S-HTTP
S/MIME
SSL
S-HTTP
Linux IPSEC Implementation
Secure Telnet (stelnet) and Secure Shell (ssh)
Pluggable Authentication Modules or PAM
CIPE or Cryptographic IP Encapsulation
Using Shadow Passwords
John the Ripper and Crack
Chapter Six: Tools to Encrypt and Decrypt Password Protected Files
GNU Privacy Guard or GnuPG
Bcrypt
Ccrypt
4-Zip
Openssl
7-Zip
Nautilus Encryption Utility
Encryption
Decryption
Chapter Seven: Using Tools to Encrypt Files on Linux
Tomb
Cryptmount
CryFS
GnuPG
VeraCrypt
EncFS
7-zip
Dm-crypt
eCryptfs
Cryptsetup
Chapter Eight: Using Cryptsetup to Setup Encrypted Filesystems and Swap Space
Using a Drive, Loop Device, or Partition for Encryption
Testing the Encryption
Installing cryptsetup
Setting the Encrypted Partition
Testing Encryption
Adding Additional Layers of Security
Chapter Nine: Using Access Control Lists in Linux
Introduction to Access Control Lists (ACL)
Uses of ACL
List of Commands to Set Up ACLs
Adding Permissions to Users
Adding Permissions to Groups
Allowing Files and Directories to Inherit ACL Entries
Removing a Specific Entry in the ACL
Removing Entries in ACL
Modifying the ACL
Adding Permissions for Users
Adding Permissions to Groups
Allow Files or Directories to Inherit the ACL Entries
Viewing ACL
Removing ACL
Using Default ACLs
Chapter Ten: Downloading and Installing Kali Linux
Downloading Kali Linux
Hard Disk Installation
Booting Kali Linux for the First Time
Setting the Defaults
Initial Network Setup
Password
System Clock
Disk Partitioning
Configuring the Packet Manager
Installing the GRUB Loader
Completing the Installation
USB Drive Installation
Windows Non-Persistent Installation
Linux Persistent Installation
Chapter Eleven: The Penetration Testing Life Cycle
The Five Stages of the Penetration Testing Life Cycle
Stage 1: Reconnaissance
Stage 2: Scanning
Stage 3: Exploitation
Stage 4: Maintaining Access
Stage 5: Reporting
Chapter Twelve: Scanning
Network Traffic
Firewalls and Ports
PING
Traceroute
Nmap: The King of Scanners
Conclusion
References
- Author / Uploaded
- Andy Vickler
